<?php

// +---------------------------------------------------------------------------+
// | This file is part of the Agavi package.                                   |
// | Copyright (c) 2003-2007 the Agavi Project.                                |
// | Based on the Mojavi3 MVC Framework, Copyright (c) 2003-2005 Sean Kerr.    |
// |                                                                           |
// | For the full copyright and license information, please view the LICENSE   |
// | file that was distributed with this source code. You can also view the    |
// | LICENSE file online at http://www.agavi.org/LICENSE.txt                   |
// |   vi: set noexpandtab:                                                    |
// |   Local Variables:                                                        |
// |   indent-tabs-mode: t                                                     |
// |   End:                                                                    |
// +---------------------------------------------------------------------------+

class AfgSecurityUser extends AgaviRbacSecurityUser
{
	/**
	 * Let's pretend this is our database. For the sake of example ;)
	 */
	static $users = array(
		'mondfee' => array(
			'password' => 'p4ssw0rd', // that's "kick" plus the salt
			'roles' => array(
				'admin',
			)
		),
	);
	
	static $error_msg;
	
	public function startup()
	{
		parent::startup();

	}
	
	public function login($username, $password)
	{
		try {
			$username = strtolower($username);
			if(!isset(self::$users[$username])) {
				throw new AgaviSecurityException('username');
			}
			
			if($password != self::$users[$username]['password']) {
				throw new AgaviSecurityException('password');
			}
			
			$this->setAuthenticated(true);
			$this->clearCredentials();
			$this->grantRoles(self::$users[$username]['roles']);
			return true;
		} catch (AgaviSecurityException $e) {
			self::$error_msg = $e->getMessage();
			$this->logout();
			return false;
		}
	}
	
	public static function getPassword($username)
	{
		if(self::$users[$username]) {
			return self::$users[$username]['password'];
		}
	}
	
	public function logout()
	{
		$this->clearCredentials();
		$this->setAuthenticated(false);
	}
}

?>